02:10 PM
Nancy Feig, Bank Systems & Technology

Domain-Based Phishing Attacks on the Rise

MarkMonitor reports that domain-based phishing attacks now represent 73% of all phishing scams.

Domain-based phishing scams are on the rise and consumers are easily fooled by fraudulent Web sites with recognizable domain names, according to findings from MarkMonitor's (San Francisco) AntiFraud Operations Center (AFOC).

MarkMonitor has been compiling information from 250 million e-mail inboxes of AOL, Yahoo and Earthlink customers and combining those results with its own research and data from the Anti-Phishing Working Group to come up with its statistics, says David Silver, VP of corporate strategy and products for MarkMonitor.

The AFOC found that domain-based phishing attacks now represent 73 percent of all attacks, up from 35 percent just 18 months ago.

The rise in domain-name phishing attacks stems from the fact that ISPs have filtering technologies that are more intelligent and will mark as spam e-mails that don't contain legitimate-looking URLs, Silver says. Before, fraudsters would send e-mails containing links to random IP addresses, but now more sophisticated fraudsters realize that links to URLs with legitimate-looking domain names are more likely to get past spam filters, he says. For instance, a fraudulent Web site with the domain name www.capitalonebanking.com is more likely to get past spam filters than something like 10.17.42.63/, he explains.

The impetus behind this rapid increase is illustrated in a recent independent study by several researchers from Harvard University and the University of California, Berkeley, titled "Why Phishing Works," which showed that 36 percent of participants rely primarily on the domain name, in addition to Web site content, to determine a site's legitimacy. It also found that participants were less suspicious of a Web site displaying a recognizable domain name than of one displaying a numerical IP address.

Defensive registering is the best defense against fraudsters, Silver says. "Many of our bank customers defensively register domain names," he adds. One bank has registered more than 5,000 domain names to ward off fraudsters. Outside of defensive registering, there are other ways that organizations can protect themselves, or they can choose to outsource protection. To safeguard against domain-based attacks, MarkMonitor alerts organizations to newly registered domain names that seek to mimic their familiar brand names before the domains become operational.
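As an added illustration (not MarkMonitor's code or method), the kind of screening described above can be sketched in Python: checking a feed of newly registered names for ones that embed or closely resemble a brand, and for bare IP-address links. The brand `examplebank`, the owned-domain list, the homoglyph table and the sample feed are constructed assumptions.

```python
import ipaddress

# Assumptions: hypothetical brand label and the bank's own legitimate domain.
BRANDS = {"examplebank"}
OWNED = {"examplebank.example"}
# Digits commonly substituted for look-alike letters (illustrative, not exhaustive).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance using a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(host):
    """Return a reason string if host looks like brand mimicry, else None."""
    host = host.lower().rstrip("./")
    try:
        ipaddress.ip_address(host)
        return "ip-literal"            # link to a bare IP address
    except ValueError:
        pass
    labels = host.split(".")
    if len(labels) < 2:
        return None
    registered = ".".join(labels[-2:])  # naive: ignores suffixes such as co.uk
    if registered in OWNED:
        return None                     # the organization's own domain
    label = labels[-2].replace("-", "").translate(HOMOGLYPHS)
    for brand in BRANDS:
        if brand in label:
            return "embeds-brand"       # brand name plus extra words or digits
        if edit_distance(label, brand) <= 2:
            return "near-miss"          # typo-style variant of the brand
    return None

def review(feed):
    """Map each flagged host in a new-registration feed to its reason."""
    return {h: r for h in feed if (r := classify(h))}

# Constructed sample feed (not real registrations).
FEED = ["examplebank-online.example", "examp1ebank.example", "exampelbank.example",
        "www.examplebank.example", "gardening-tips.example", "10.17.42.63/"]
```

Calling `review(FEED)` returns only the four suspicious entries with the reason each was flagged; the bank's own domain and the unrelated name are left out.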

Once a bank discovers that a potential phisher has registered a domain name similar to the bank's own, it should immediately try to get the site taken off the Internet, either by buying out the owner or by trying to secure an administrative shutdown, Silver relates. Another defensive technique that MarkMonitor deploys for its customers is "dilution," whereby it populates the phisher's site with false and unusable information, making it worthless to potential buyers of phished information.

According to experts, banks should also utilize a broadcast strategy to alert customers to a phishing attack so that when a consumer clicks on the bogus Web site, he is instantly alerted by the ISP that the site is actually a phishing attempt.

On The Net

www.antiphishing.org
www.markmonitor.com
www.berkeley.edu
www.harvard.edu
